<?php /*
	
*/ ?>
<?php
// Load the shared configuration. NOTE(review): presumably this is also where the
// session is started and $obj_db is created - confirm in system/config.inc.php.
include("system/config.inc.php");
$donotinclude = 1;

// Access guard: a request without an admin session is redirected to the login
// page and processing stops. Only the presence of 'adminuserid' is checked
// here; the account type is not looked at.
if (isset($_SESSION['adminuserid']) === false) {
	header("location:index.php?msg=logfirst");
	exit();
}

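// INSERT into database: create a new administrator from the submitted form.
//
// NOTE(review): the only gate in front of this handler is the login check at the
// top of the file. The list view renders the [NEW] link only when
// $_SESSION['acctype'] is 2, but that rule is not enforced here, so the role
// check should be repeated server-side before inserting.
// NOTE(review): nothing ties this request to a form served by this page (no
// anti-CSRF token), and none of the JavaScript checks are repeated in PHP.
if(isset($_REQUEST['Submit']) && trim($_REQUEST['Submit']) == "Submit")
{
	// Every string value is escaped before it is placed inside a quoted SQL literal.
	$fullname=mysql_real_escape_string($_REQUEST['varFullname']);
	$uanme=mysql_real_escape_string($_REQUEST['varUsername']);
	$email=mysql_real_escape_string($_REQUEST['varEmail']);

	// NOTE(review): unsalted MD5 is not a suitable password hash. It is left in
	// place because the login code (not visible here) presumably compares MD5
	// digests; move both sides to password_hash()/password_verify() together.
	$pass=md5($_REQUEST['password']);

	// The status used to be interpolated into the query unescaped. The form only
	// offers numeric values (0, 1, 2), so an integer cast keeps valid input
	// unchanged and removes the injection point.
	$status=(int) $_REQUEST['status'];

	$sql = "INSERT INTO `tbladmin` (`varadminfname` , `varadminname` , `varpassword` ,`varemail`, `intstatus`,`ttLastLogginDatetime` ) 
				VALUES ('$fullname', '$uanme', '$pass','$email','$status',NOW())";
	$insert=$obj_db->insert($sql);
	
	header("location:admin.php?msg=add");
	die();
}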

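//UPDATE Record
// Values used to pre-fill the form. They stay empty in add mode and are loaded
// from the database in edit mode. $action selects the mode: 1 = add, 2 = edit.
$p_uanme="";
$p_pass="";
$p_fullname="";
$p_email="";
$p_status="";
$action=1;

// NOTE(review): as with the other handlers in this file, only the login check
// at the top protects this code; the acctype rule used when rendering the Edit
// link is not enforced here, and the request carries no anti-CSRF token.
// The action code is compared as a string so that values such as "2abc" no
// longer select this branch through loose numeric comparison.
if(isset($_REQUEST['a']) && trim($_REQUEST['a'])==='2')
{
 	// The closing parenthesis of trim() used to wrap the whole comparison, so the
 	// value itself was never trimmed; the test now rejects whitespace-only ids.
 	if(isset($_REQUEST['intid']) && trim($_REQUEST['intid'])!="")
 	{
		// The id was interpolated into three SQL statements and is also echoed into
		// the "Change Password?" link further down the page. An integer cast makes
		// it safe for both uses.
		$id = (int) $_REQUEST["intid"];
		$sql =mysql_query( "select * from tbladmin where intid ='$id'");
		// mysql_query() returns false on failure; skip the fetch loop in that case.
		while($sql && ($num_rows= mysql_fetch_array($sql)))
		{	
			$p_uanme=$num_rows['varadminname'];	
			$p_fullname=$num_rows['varadminfname'];	
			$p_email=$num_rows['varemail'];	
			$p_status=$num_rows['intstatus'];	
			$action=2;
		}
		if(isset($_REQUEST['Submit']) && trim($_REQUEST['Submit']) == "Update")
		{
			// These values used to reach the UPDATE statement unescaped. They are now
			// escaped the same way the INSERT handler escapes them.
			$uanme=mysql_real_escape_string($_REQUEST['varUsername']);
			$fullname=mysql_real_escape_string($_REQUEST['varFullname']);
			$email=mysql_real_escape_string($_REQUEST['varEmail']);
			$status=(int) $_REQUEST['status'];
			$sql_upd ="UPDATE `tbladmin` SET `varadminname` = '$uanme', 
							`varadminfname` = '$fullname', `varemail` = '$email',
							`intstatus`='$status' WHERE `intid`='$id'";
			
			$sql=$obj_db->edit($sql_upd);
			$action=1;
			header("location:admin.php?msg=edit");
			die();
		}
	}
}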
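//DELETE record from database
//
// NOTE(review): this is a state-changing action triggered by a plain GET link
// (admin.php?a=3&intid=...). It carries no anti-CSRF token, and the acctype
// rule used when rendering the Delete link is not enforced here. Moving it to
// POST with a token and repeating the role check server-side would close both.
// The action code is compared as a string so that values such as "3abc" no
// longer select this branch through loose numeric comparison.
if(isset($_REQUEST['a']) && trim($_REQUEST['a'])==='3')
{
	// The closing parenthesis of trim() used to wrap the whole comparison, so the
	// value itself was never trimmed.
	if(isset($_REQUEST['intid']) && trim($_REQUEST['intid'])!="")
	{	
		// The id used to be interpolated into the DELETE statement unescaped. Cast
		// to int: a non-numeric value becomes 0 instead of reaching the query.
		$id = (int) $_REQUEST['intid'];
		$sql= "DELETE FROM `tbladmin` WHERE `intid` ='$id'";
		$query1 = mysql_query($sql);
		header("location:admin.php?msg=del");
		die();
	}
}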
?>
<script language="javascript" type="text/javascript">
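/**
 * Client-side validation for the admin form (used as onClick="return check();").
 *
 * Shows an alert and focuses the offending field for the first failed rule and
 * returns false to cancel the submit; returns true when every rule passes.
 *
 * The password rules are applied only when the password fields exist. In edit
 * mode the page does not render them, and reading .value on the missing fields
 * used to throw, which skipped the remaining e-mail and rights checks and let
 * the form submit unvalidated.
 *
 * These checks are a convenience for the user only: a request can be sent
 * without running them, so the server must validate the same fields itself.
 */
function check()
{
	var form = document.admin;

	// Report one failed rule: alert, move focus to the field, cancel the submit.
	function reject(field, message)
	{
		alert(message);
		field.focus();
		return false;
	}

	if(form.varFullname.value.length==0)
	{
		return reject(form.varFullname, "Please enter Full Name.");
	}
	if(form.varUsername.value.length==0)
	{
		return reject(form.varUsername, "Please enter User Name.");
	}

	// Password inputs are present in add mode only.
	if(form.password && form.cnfpassword)
	{
		if(form.password.value.length==0)
		{
			return reject(form.password, "Please enter Password.");
		}
		if(form.cnfpassword.value.length==0)
		{
			return reject(form.cnfpassword, "Please enter Password.");
		}
		if(form.password.value!=form.cnfpassword.value)
		{
			return reject(form.cnfpassword, "Confirm Password is not match to the Password...!");
		}
	}

	if(form.varEmail.value.length==0)
	{
		return reject(form.varEmail, "Please enter E-Mail.");
	}
	if(form.status.value=="")
	{
		return reject(form.status, "Please Select Admin Rights.");
	}
	if(!checkMail(form.varEmail.value))
	{
		return reject(form.varEmail, "Email must contain an email address.\n");
	}

	return true;
}	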
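/**
 * Tests whether a string looks like an e-mail address.
 *
 * Accepted shape: a local part of letters, digits, "_", "." or "-", an "@",
 * one or more dot-terminated host labels, and a final label of at least two
 * letters or digits.
 *
 * The final label used to be written as a repeated group of 2-4 characters.
 * That form matches exactly the same strings as "two or more characters", but
 * it let the regex engine try every way of splitting a long label before
 * giving up, so a long non-matching input could stall the page. The flat
 * quantifier below keeps the accepted set and removes that backtracking.
 *
 * @param {string} email value to test
 * @returns {boolean} true when the value matches the pattern
 */
function checkMail(email)
{
	var filter = /^[a-zA-Z0-9_.\-]+@([a-zA-Z0-9\-]+\.)+[a-zA-Z0-9]{2,}$/;
	return filter.test(email);
}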
</script>

<?php include("inc/header.php");?>
<body>

<table width="80%" border="0" align="center" cellpadding="0" cellspacing="2" class="middlebackground">
  <tr>
    <td colspan="3" align="center"><?php include(INC."top.inc.php");?>&nbsp;</td>
  </tr>
  <tr>
    <td width="2%">&nbsp;</td>
    <td width="96%" align="center" valign="top" height="300">
      <?php   
   if(isset($_REQUEST['script']))
	{
	if(trim($_REQUEST['script'])=='addadmin' || trim($_REQUEST['script'])=='Updateadmin')
	{
	?>
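	<?php /*
		Add / edit administrator form.

		Values that originate from the database or the request ($p_fullname,
		$p_uanme, $p_email, $p_pass, $id) are HTML-escaped before they are written
		into attribute values; they used to be echoed as-is. htmlspecialchars() is
		called without a charset argument, so PHP's configured default applies.

		NOTE(review): the form carries no anti-CSRF token, and the handlers at the
		top of this file do not check for one.
	*/ ?>
	<form method="post" name="admin" action="">
      <table width="65%" border="0" align="center" cellpadding="0" cellspacing="2" class="border">
      
      <tr>
        <td colspan="5" align="center"  height="20" class="bg1"><strong>
          <?php if($_REQUEST['script']=='addadmin'){echo "Add New Admin...";}
	if($_REQUEST['script']=='Updateadmin'){echo "Edit Admin...";}?>
        </strong></td>
      </tr>
      <tr>
        <td>&nbsp;</td>
        <td align="left">&nbsp;</td>
        <td align="center">&nbsp;</td>
        <td align="left">&nbsp;</td>
        <td>&nbsp;</td>
      </tr>
      <tr>
        <td>&nbsp;</td>
        <td align="right" class="sltimg">&nbsp;</td>
        <td align="center">&nbsp;</td>
        <td align="right">(* All are compulsory)</td>
        <td>&nbsp;</td>
      </tr>
      <tr>
        <td width="10%">&nbsp;</td>
        <td width="30%" align="right" class="sltimg">*Full Name </td>
        <td width="2%" align="center">:</td>
        <td width="47%" align="left"><input name="varFullname" type="text" id="varFullname" value="<?php echo htmlspecialchars($p_fullname, ENT_QUOTES);?>" /></td>
        <td width="11%">&nbsp;</td>
      </tr>
      <tr>
        <td>&nbsp;</td>
        <td align="right" class="sltimg">*User Name </td>
        <td align="center">:</td>
        <td align="left"><input name="varUsername" type="text" id="varUsername" value="<?php echo htmlspecialchars($p_uanme, ENT_QUOTES);?>" /></td>
        <td>&nbsp;</td>
      </tr>
	   <?php /* Password fields are rendered in add mode only ($action 1). */ ?>
	   <?php if($action==1) {?>
          <tr>
        <td>&nbsp;</td>
		
        <td align="right" class="sltimg">*Password</td>
        <td align="center">:</td>
        <td align="left"><input name="password" type="password" id="varPassword" value="<?php echo htmlspecialchars($p_pass, ENT_QUOTES);?>" /></td>
        <td>&nbsp;</td></tr>
      <tr>
        <td>&nbsp;</td>
        <td align="right" class="sltimg">*Confirm Password</td>
        <td align="center">&nbsp;</td>
        <td align="left"><input name="cnfpassword" type="password" id="varPassword" value="<?php echo htmlspecialchars($p_pass, ENT_QUOTES);?>" /></td>
        <td>&nbsp;</td>
      </tr> <?php }?>
      <tr>
        <td>&nbsp;</td>
        <td align="right" class="sltimg">*E-mail</td>
        <td align="center">:</td>
        <td align="left"><input name="varEmail" type="text" id="varEmail" value="<?php echo htmlspecialchars($p_email, ENT_QUOTES);?>" /></td>
        <td>&nbsp;</td>
      </tr>
      <tr>
        <td align="center">&nbsp;</td>
        <td align="right">Admin Rights</td>
        <td align="left">:</td>
        <td align="left"><select name="status" id="status">
		<?php /*
			The stored status is compared as a string. With the old loose
			comparison the empty default of add mode equalled 0, which preselected
			"Disable Admin" and made the "Select Rights" placeholder unreachable.
			A leading space is emitted so the attribute no longer runs into value.
		*/ ?>
		<option value="">Select Rights</option>
		<option value="2"<?php if((string)$p_status==='2'){echo ' selected="selected"';}?>>Master Admin</option>
		<option value="1"<?php if((string)$p_status==='1'){echo ' selected="selected"';}?>>Normal Admin</option>
		<option value="0"<?php if((string)$p_status==='0'){echo ' selected="selected"';}?>>Disable Admin</option>
        </select>        </td>
        <td align="center">&nbsp;</td>
      </tr>
	  <?php /* The change-password link is shown in edit mode only; the id is emitted as an integer. */ ?>
	  <?php if($action==2) { ?>
	  <tr>
        <td align="center">&nbsp;</td>
        <td align="right">&nbsp;</td>
        <td align="left">&nbsp;</td>
        <td align="left"><a href="changepassword.php?id=<?php echo (int) $id;?>" class="error">Change Password?</a></td>
        <td align="center">&nbsp;</td> 
      </tr> <?php } ?>
      <tr>
        <td colspan="5" align="center">&nbsp;</td>
      </tr>
      <tr>
        <td colspan="5" align="center">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input name="Submit" type="submit" class="btn" id="Submit" onClick="return check();" style="height:25px; width:100px;" value="<?php echo ($action==2) ? "Update":"Submit"; ?>"/>        </td>
      </tr>
    </table>
	<?php /* The form was never closed in this branch of the page. */ ?>
	</form>
      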
        <?php
	}
}
else
{
?>
     
      <table width="100%" border="0" align="center" cellpadding="1" cellspacing="1" class="border">
       
        <tr class="bg1">
          <td height="30" colspan="7" align="left"><strong>Administrators...</strong></td>
          <td width="9%" align="center"><?php
				// The [NEW] link is rendered only when the session's account type is 2.
				// This hides the link; it does not by itself restrict the add handler.
				if(isset($_SESSION['acctype']) && trim($_SESSION['acctype'])==2) { ?>
            <a class="new" href="admin.php?script=addadmin">[NEW]</a>
            <?php } ?></td>
        </tr>
        <tr class="tblbg3">
          <td width="13%" height="25" align="center"><strong>User Name</strong></td>
          <td width="12%" align="center"><strong>Full Name</strong></td>
          <td width="8%" align="center"><strong>E-Mail</strong></td>
          <td width="13%" align="center"><strong>Status</strong></td>
          <td width="13%" height="18" align="center"><strong>Approve</strong></td>
		  <td width="23%" align="center"><strong>Last Login</strong></td>
          <td width="9%" align="center"><strong>Edit</strong></td>
          <td align="center"><strong>Delete</strong></td>
        </tr>
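        <?php
// change status disable or active
//
// s=0 approves the account (status becomes 1); s=1 withdraws approval (status
// becomes 0). The flag is compared as a string: with the old loose numeric
// comparison any non-numeric value equalled 0 and selected the approve branch.
//
// NOTE(review): this handler runs after page output has begun, so the
// redirect header only works when output buffering is enabled; moving it up
// beside the other handlers would remove that dependency.
// NOTE(review): this is a state change triggered by a GET link with no
// anti-CSRF token, and the acctype rule used when rendering the Approve links
// is not enforced here.
if(isset($_REQUEST['sltstatus']))
{
	$flag = isset($_REQUEST['s']) ? trim($_REQUEST['s']) : null;

	// The closing parenthesis of trim() used to wrap the whole comparison, so the
	// id itself was never trimmed.
	if(($flag === '0' || $flag === '1') && isset($_REQUEST['id']) && trim($_REQUEST['id'])!="")
	{
		// The id was placed into the query unquoted and unescaped; cast it to int.
		$id=(int) $_REQUEST['id'];
		$newStatus = ($flag === '0') ? 1 : 0;
		$sql="update tbladmin set intStatus = $newStatus where intid = $id";
		$update = $obj_db->sql_query($sql);
		header("location:admin.php");
		die();
	}
}?>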
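        <?php
		// Render one table row per administrator record.
		//
		// Text columns come from the database and were originally supplied through
		// the admin form, so they are HTML-escaped on output; they used to be echoed
		// as-is. htmlspecialchars() is called without a charset argument, so PHP's
		// configured default applies.
		// NOTE(review): printdate() is defined outside this view; its output is
		// still echoed unescaped - confirm it only returns a formatted date.
		// NOTE(review): the Approve / De-Approve / Delete links below change state
		// through plain GET requests and carry no anti-CSRF token.
		$sql="select * from tbladmin";
		$sql_link=$obj_db->select($sql);

		// count() on a non-array result would still report one element, so the row
		// count is taken only when an array came back.
		$totalRows = is_array($sql_link) ? count($sql_link) : 0;

		// Management controls are rendered only for account type 2.
		$showControls = isset($_SESSION['acctype']) && trim($_SESSION['acctype'])==2;

		for($i=0;$i<$totalRows;$i++)
		{
			// The id is written into several link URLs; emit it as an integer.
			$adminId=(int) $sql_link[$i]['intid'];
			$rowStatus=$sql_link[$i]['intstatus'];
    ?>
        <tr align="center" class="<?php echo ($i%2==0)?"Hrnormal":"Hralter"; ?>">
          <td ><?php echo htmlspecialchars($sql_link[$i]['varadminname'], ENT_QUOTES);?></td>
          <td><?php echo htmlspecialchars($sql_link[$i]['varadminfname'], ENT_QUOTES);?></td>
          <td><?php echo htmlspecialchars($sql_link[$i]['varemail'], ENT_QUOTES);?></td>
          <td>
		  <?php
		  if($rowStatus=='0')
		  {
		  	echo "Not Approved";
		  }
		  if($rowStatus=='1')
		  {
		  	echo "Normal Admin";
		  }
		  if($rowStatus=='2')
		  {
		  	echo "Master Admin";
		  }
		  ?>
		  </td>
          <td align="center">
                <?php 
				 if($showControls)
				  {
						if($rowStatus==0)
						{
							echo "<a class='aa' Title='Click here to Approve Admin' href='admin.php?sltstatus=0&s=0&id=$adminId'>Approve</a>";	
						} 
						if($rowStatus==1) {
							echo "<a class='aa' Title='Click here to Dis-Approve Admin' href='admin.php?sltstatus=1&s=1&id=$adminId'>De-Approve</a>";	
						}
						if($rowStatus==2) {
							echo "<span class='aa'>Master Admin</span>";	
						} 
					} 
				?>
		  </td>
		  <td><?php echo printdate($sql_link[$i]['ttLastLogginDatetime']);?></td>
          <td><?php if($showControls) { ?>
              <a class="link" Title="Click here to Edit User" href="admin.php?script=Updateadmin&amp;a=2&amp;intid=<?php echo $adminId;?>"><img src="images/edit.bmp" border="0" /> </a>
              <?php  }  ?></td>
          <td><?php if($showControls) { ?>
              <a Title="Click here to Delete User" href="admin.php?a=3&amp;intid=<?php echo $adminId; ?>" onClick="return confirm('Are you sure to delete this record?');"><img src="images/delete.bmp" border="0"/></a>
              <?php  }  ?>
		  </td>
        </tr>
        <?php }?>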
      </table> 
	</form>    
        <?php }?>
   </td>
    <td width="2%">&nbsp;</td>
	<tr><td>&nbsp;</td></tr>
	<tr><td>&nbsp;</td></tr>
  </tr>
  
</table>
</body>

</html>
